Tool and Usage
Crowbar is a brute forcing tool that can be used during penetration tests. Unlike other similar tools it uses different methods to achieve its goal.
Why this tool?
While most brute forcing tools take a similar approach, Crowbar can use different methods that are not always available in other utilities. For example, Crowbar can use SSH keys, instead of the typical username and password combination. This might be useful during penetration testing when these type of details are discovered.
Crowbar was formally known as Levye.
Usage and audience
Crowbar is commonly used for penetration testing. Target users for this tool are pentesters.
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
- + The source code of this software is available
History and highlights
- Demoed at Black Hat USA 2014
- Demoed at Black Hat USA 2015
Supported operating systems
Crowbar is known to work on Linux.
Similar tools to Crowbar:
The known_hosts_bruteforce is a script to discover hostnames from the known_hosts file. This can be useful during penetration testing or incident response.
The acccheck tool performs a password guessing and dictionary attack on SMB services used to share files and printers.
Eapmd5pass is a password attack tool for EAP-MD5 authentication traffic. It uses an offline attack, meaning it deals with captured network data.
|Latest release||v.3.4 [2016-01-20]|